package jdbc.common;

import jdbc.DBUtil;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Scanner;

public class JDBCDemo9 {
    public static void main(String[] args) {
        System.out.println("欢迎登陆");
        Scanner sc = new Scanner(System.in);
        System.out.println("请输入用户名：");
        String username = sc.next();
        System.out.println("请输入密码：");
        String password = sc.next();
        try(Connection conn = DBUtil.getConnection()) {
            String sql = "SELECT id,username,password,nickname,age FROM userinfo WHERE username=? AND password=?";
            //创建PreparedStatement时先将预编译SQL语句发送给数据库，将语义定死
            PreparedStatement ps = conn.prepareStatement(sql);
            //然后指定两个?对应的值分别是什么
            ps.setString(1, username);
            ps.setString(2, password);
            //执行查询，此时不需要在传入SQL语句了，那执行会将两个?对应的值发送给数据库
            ResultSet rs = ps.executeQuery();
            if(rs.next()){
                String nickname = rs.getString("nickname");
                System.out.println("登录成功,欢迎【"+nickname+"】回来");
            }else{
                System.out.println("用户名或密码错误！");
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }
}
